Merge d194186353 into d11b16c758

2017-11-22 14:44:16 +00:00 · 2017-11-22 14:44:16 +00:00 · 709526e470
commit 709526e470
parent d11b16c758 d194186353
4 changed files with 86 additions and 21 deletions
--- a/cmd/gost/main.go
+++ b/cmd/gost/main.go
@ -17,13 +17,15 @@ import (
 	"strings"
 	"time"

-	"github.com/ginuerzh/gost"
 	"github.com/go-log/log"
+	"github.com/go-redis/redis"
+	"github.com/ginuerzh/gost"
 )

 var (
 	options route
 	routes  []route
+	redisClient *redis.Client
 )

 func init() {
@ -322,6 +324,10 @@ func (r *route) serve() error {
 		if node.User != nil {
 			users = append(users, node.User)
 		}
+                redisClient, err := connectToRedis(node.Values.Get("redis"))
+		if err != nil {
+			return err
+		}
 		certFile, keyFile := node.Values.Get("cert"), node.Values.Get("key")
 		tlsCfg, err := tlsConfig(certFile, keyFile)
 		if err != nil && certFile != "" && keyFile != "" {
@ -436,6 +442,7 @@ func (r *route) serve() error {
 			gost.TLSConfigHandlerOption(tlsCfg),
 			gost.WhitelistHandlerOption(whitelist),
 			gost.BlacklistHandlerOption(blacklist),
+			gost.RedisClientHandlerOption(redisClient),
 		)
 		var handler gost.Handler
 		switch node.Protocol {
@ -603,6 +610,39 @@ func parseUsers(authFile string) (users []*url.Userinfo, err error) {
 	return
 }

+type redisConfig struct {
+        Address  string `json:"address"`
+        Password string `json:"password"`
+        DB       int    `json:"db"`
+}
+
+func connectToRedis(redisCfg string) (client *redis.Client, err error){
+	if redisCfg == "" {
+		return
+	}
+
+        content, err := ioutil.ReadFile(redisCfg)
+        if err != nil {
+                return
+        }
+
+        config := new(redisConfig)
+        err = json.Unmarshal(content, &config)
+        if err != nil {
+                return
+        }
+
+	client = redis.NewClient(&redis.Options{
+		Addr:     config.Address,
+		Password: config.Password,
+		DB:       config.DB,
+	})
+
+	_, err = client.Ping().Result()
+
+	return
+}
+
 func parseIP(s string, port string) (ips []string) {
 	if s == "" {
 		return
--- a/cmd/gost/redis.json
+++ b/cmd/gost/redis.json
@ -0,0 +1,5 @@
+{
+    "address": "localhost:6379",
+    "password": "",
+    "db": 0
+}
--- a/handler.go
+++ b/handler.go
@ -9,6 +9,7 @@ import (
 	"github.com/ginuerzh/gosocks4"
 	"github.com/ginuerzh/gosocks5"
 	"github.com/go-log/log"
+	"github.com/go-redis/redis"
 )

 // Handler is a proxy server handler
@ -18,12 +19,13 @@ type Handler interface {

 // HandlerOptions describes the options for Handler.
 type HandlerOptions struct {
-	Addr      string
-	Chain     *Chain
-	Users     []*url.Userinfo
-	TLSConfig *tls.Config
-	Whitelist *Permissions
-	Blacklist *Permissions
+	Addr        string
+	Chain       *Chain
+	Users       []*url.Userinfo
+	TLSConfig   *tls.Config
+	Whitelist   *Permissions
+	Blacklist   *Permissions
+	RedisClient *redis.Client
 }

 // HandlerOption allows a common way to set handler options.
@ -71,6 +73,13 @@ func BlacklistHandlerOption(blacklist *Permissions) HandlerOption {
 	}
 }

+// RedisClientHandlerOption sets the RedisClient option of HandlerOptions.
+func RedisClientHandlerOption(client *redis.Client) HandlerOption {
+	return func(opts *HandlerOptions) {
+		opts.RedisClient = client
+	}
+}
+
 type autoHandler struct {
 	options []HandlerOption
 }
--- a/socks.go
+++ b/socks.go
@ -15,6 +15,7 @@ import (
 	"github.com/ginuerzh/gosocks4"
 	"github.com/ginuerzh/gosocks5"
 	"github.com/go-log/log"
+	"github.com/go-redis/redis"
 )

 const (
@ -90,9 +91,10 @@ func (selector *clientSelector) OnSelected(method uint8, conn net.Conn) (net.Con
 }

 type serverSelector struct {
-	methods   []uint8
-	Users     []*url.Userinfo
-	TLSConfig *tls.Config
+	methods     []uint8
+	Users       []*url.Userinfo
+	TLSConfig   *tls.Config
+	RedisClient *redis.Client
 }

 func (selector *serverSelector) Methods() []uint8 {
@ -116,7 +118,7 @@ func (selector *serverSelector) Select(methods ...uint8) (method uint8) {
 	}

 	// when user/pass is set, auth is mandatory
-	if len(selector.Users) > 0 {
+	if len(selector.Users) > 0 || selector.RedisClient != nil {
 		if method == gosocks5.MethodNoAuth {
 			method = gosocks5.MethodUserPass
 		}
@ -150,17 +152,25 @@ func (selector *serverSelector) OnSelected(method uint8, conn net.Conn) (net.Con
 			log.Log("[socks5]", req.String())
 		}
 		valid := false
-		for _, user := range selector.Users {
-			username := user.Username()
-			password, _ := user.Password()
-			if (req.Username == username && req.Password == password) ||
-				(req.Username == username && password == "") ||
-				(username == "" && req.Password == password) {
+		if selector.RedisClient != nil {
+			password, err := selector.RedisClient.Get(req.Username).Result()
+			if err == nil && req.Password == password {
 				valid = true
-				break
 			}
 		}
-		if len(selector.Users) > 0 && !valid {
+		if len(selector.Users) > 0 {
+			for _, user := range selector.Users {
+				username := user.Username()
+				password, _ := user.Password()
+				if (req.Username == username && req.Password == password) ||
+					(req.Username == username && password == "") ||
+					(username == "" && req.Password == password) {
+					valid = true
+					break
+				}
+			}
+		}
+		if (selector.RedisClient != nil || len(selector.Users) > 0) && !valid {
 			resp := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Failure)
 			if err := resp.Write(conn); err != nil {
 				log.Log("[socks5]", err)
@ -353,8 +363,9 @@ func SOCKS5Handler(opts ...HandlerOption) Handler {
 		tlsConfig = DefaultTLSConfig
 	}
 	selector := &serverSelector{ // socks5 server selector
-		Users:     options.Users,
-		TLSConfig: tlsConfig,
+		Users:       options.Users,
+		TLSConfig:   tlsConfig,
+		RedisClient: options.RedisClient,
 	}
 	// methods that socks5 server supported
 	selector.AddMethod(